Vulnerabilities > Docker

DATE CVE VULNERABILITY TITLE RISK
2015-05-18 CVE-2015-3629 Link Following vulnerability in multiple products
Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container.
local
low complexity
docker opensuse CWE-59
7.8
2014-12-12 CVE-2014-6408 Permissions, Privileges, and Access Controls vulnerability in Docker 1.3.0/1.3.1
Docker 1.3.0 through 1.3.1 allows remote attackers to modify the default run profile of image containers and possibly bypass the container by applying unspecified security options to an image.
network
low complexity
docker CWE-264
5.0
2014-12-12 CVE-2014-6407 Link Following vulnerability in Docker
Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.
network
low complexity
docker CWE-59
7.5